Bug 1175

Summary: ssh-keygen is generating 2048 bit keys by default
Product: Portable OpenSSH Reporter: Russell Conner <rgconner>
Component: ssh-keygenAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: normal    
Priority: P2    
Version: 4.2p1   
Hardware: SPARC   
OS: Solaris   

Description Russell Conner 2006-03-23 05:07:29 AEDT 
ssh-keygen's appears to be generating 2048bit dsa keys, contrary to the documentation which says dsa keys must be 1024. Can be overridden with -b 1024 to generate a valid key.
Comment 1 Darren Tucker 2006-03-23 07:24:18 AEDT 
I think this is already fixed in 4.3, can you reproduce it with that version?

$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.7f 22 Mar 2005
$ ssh-keygen -t dsa -f tmpkey -N ''
Generating public/private dsa key pair.
[...]
$ openssl dsa -in tmpkey -text -noout |head -2
read DSA key
Private-Key: (1024 bit)
Comment 2 Russell Conner 2006-03-23 17:51:46 AEDT 
I do not have that version installed, I will do so and test on a sandbox in the morning.
Comment 3 Russell Conner 2006-03-24 04:13:38 AEDT 
Confirmed no issue in latest releases. Thank you, I searched for a bug fix and did not find one.
Comment 4 Darren Tucker 2006-03-24 07:34:26 AEDT 
No problem, closing bug.
Comment 5 Darren Tucker 2006-10-07 11:44:57 AEST 
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.